CVE search results

1 – 10 of 14 results

Detailed view

Sort by:

CVE-2024-36052

Medium priority

Not affected

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2024-33899

Medium priority

Some fixes available 2 of 5

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Fixed	Fixed	Needs evaluation	Needs evaluation

CVE-2023-40477

Medium priority

Some fixes available 11 of 19

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....

3 affected packages

libclamunrar, rar, unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libclamunrar	Not affected	Fixed	Fixed	Vulnerable	Vulnerable
rar	Fixed	Fixed	Fixed	Vulnerable	Vulnerable
unrar-nonfree	Not affected	Fixed	Fixed	Vulnerable	Vulnerable

CVE-2022-48579

Medium priority

Some fixes available 2 of 4

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Fixed	Fixed	Needs evaluation	Needs evaluation

CVE-2022-30333

High priority

Some fixes available 10 of 18

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

3 affected packages

libclamunrar, rar, unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libclamunrar	Not affected	Fixed	Fixed	Vulnerable	Vulnerable
rar	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation
unrar-nonfree	Not affected	Fixed	Fixed	Vulnerable	Needs evaluation

CVE-2018-25018

Medium priority

Needs evaluation

UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Not affected	Not affected	Needs evaluation	Needs evaluation

CVE-2017-20006

Medium priority

Needs evaluation

UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Not affected	Not affected	Needs evaluation	Needs evaluation

CVE-2017-12942

Medium priority

Vulnerable

libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2017-12941

Low priority

Vulnerable

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2017-12940

Low priority

Vulnerable

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.

1 affected package

unrar-nonfree

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
unrar-nonfree	Not affected	Not affected	Not affected	Not affected	Vulnerable

Export to JSON

Results by page:

Search CVE reports